The present inventive subject matter relates to the art of transaction conversion. It finds particular application in conjunction with conversions between Internet based transactions and non-Internet based transactions, and will be described with particular reference thereto. However, one of ordinary skill in the art will appreciate that it is also amenable to other like applications.
Internet commerce, or e-commerce as it is otherwise known, relates to the buying and selling of products and services between consumers and merchants over the Internet or other like transactional exchanges of information over similar telecommunication networks. The convenience of shopping over the Internet has sparked considerable interest in e-commerce on behalf of both consumers and merchants. Internet sales, or like transactions, have been typically carried out using standard credit cards such as Visa®), MasterCard®, Discover®), American Express®, or the like, or standard debit cards, i.e., check cards or automated teller machine (ATM) cards which directly access funds from an associated deposit account or other bank account.
While widely used for more traditional face-to-face transactions, use of these standard cards in connection with e-commerce presents certain difficulties, including difficulties concerning authentication or positive identification of the cardholder. For example, maintaining consumer confidence in security has become difficult with increased reports of fraud. The resulting apprehension is also fueled by consumer uncertainty of the reputation or integrity of a merchant with whom the consumer is dealing. Questionable security of the consumer's card information or other personal information typically submitted along with a traditional e-commerce transaction (e.g., address, card number, phone number, etc.) serves to increase apprehension even more. Additionally, cardholders, merchants and financial institutions are all concerned about safeguarding against fraudulent or otherwise unauthorized transactions.
Accordingly, various credit card or payment networks have implemented initiatives or programs aimed at safeguarding against fraud. Payment networks (e.g., Visa® and MasterCard®) have implemented various initiatives (e.g., Visa 3-D Secure®, a.k.a. Verified by Visa® (VbV), and MasterCard SecureCode®) to allow for the authentication of a cardholder prior to authorizing a transaction. The benefits to all the parties involved in the transaction have been acknowledged. However, the programs mainly focus on e-commerce conducted over the Internet.
For example, these Internet authentication initiatives work by having a merchant implement a piece of software on their server that will connect a cardholder to their bank for authentication. The cardholder authenticates with the bank by connecting to a server over the Internet that stores authentication credentials for that cardholder, whether it be a password, PKI (Public Key Infrastructure), biometric, or some other credential. The bank then sends authentication data (based on success or failure) back to the merchant to package into an authorization message. Often, this is all carried out over the world-wide-web, e.g., using HTML (Hypertext Markup Language).
However, there is also a desire to authenticate cardholders in other “card-not-present” transactions, i.e., in other than Internet transactions. Particular applications include, e.g., mobile top-up or purchase of air time minutes for prepaid mobile telephones of other mobile devices made with a card, proximity payments using IR (Infrared) or other communications technology to send payment details to an unmanned POS (Point of Sale) device, telephone orders, etc. These types of transactions can originate from many applications such as through an IVR (Interactive Voice Response) system, using SMS (Short Message Service) messaging, using STK (SIM (Subscriber Identity Module) Toolkit), or IR financial messaging. Typically, these other “card-not-present” types of transactions do not enjoy the benefit of cardholder signatures to protect against fraudulent card use. Additionally, they also do not enjoy the benefit of the aforementioned authentication programs, insomuch as those programs are focused on Internet based transactions.
While authentication is desirable in other card-not-present situations, it can be burdensome to develop separate diverse programs for each potential type of transaction. It would be advantageous therefore to be able to employ the aforementioned authentication initiatives for these other types of non-Internet based transactions. The challenge is determining how to best utilize the system elements, methods and/or protocols already in place for the foregoing programs to achieve authentication of the cardholder, being that the cardholder is often not actually on the Internet in these situations.
Accordingly, a new and improved apparatus and/or method for converting transactions between Internet based transactions and non-Internet based transaction is disclosed that overcomes the above-referenced problems and others.